Resolved! How to allow GRE protocol 47 through Palo Alto FW?

Dear Friends, 

I'd be grateful if you could help me with this ...

I'd like to allow GRE traffic (protocol 47) through my Palo Alto FW. I want to allow all the GRE traffic through and not terminate a GRE tunnel on the PA itself. Appologies if this is s

Resolved! What is the advantage of having Virtual system(vsys) over VR's

We have Virtual routers and Virtual systems in palo.

Can anyone help me understand, what is the real advantage of having Vsys over VR's.

(or)

What can be acheived by Vsys that cannot be done via VR's?

Resolved! Global Protect pangps log messages - What to watch for

Our company just finished a rollout of the Global Protect client to all of our locations.  Now we are getting occasional complaints about disconnects/reconnect and other assorted odd behaviour.  Much of this is just users looking for something to bla

Resolved! Configuration and Management (EDU-110) > Lab question

Hello, I am starting with this training "Firewall 8.0 Essentials: Configuration and Management (EDU-110)" and on page 12  it states:

1. Launch a browser and connect to https://192.168.1.254

Is there any other way to access this lab? or any lab enviro

Resolved! ProxyARP default setting

Hi Team,

               Is ProxyARP is enabled by default. Can we disable or enable this feature in PA??

with regards,

Ram

Resolved! Deployment job update licenses

Just curious, I noticed that at 01:17 my panorama connects to updates.paloaltonetworks.com then completes a "Deployment job update licenses" job for each of my firewalls.  This isn't anything to do with the sceduled dynamic updates as the timings are

Resolved! Cryptocurrency Mining?

Hi folks,

We recently had a pen test and had positive results.  We do not use URL filtering, but have everything else.

However, on 12/24/2017 we can now see a reboot.txt file sitting in our Windows\temp directory on an Oracle OAM server.

Luckly, Carbon

Resolved! Exempt alerting for specific threat

We have an open wifi network and do see lot of coinhive spyware threat alerts. Recently a user genrated in excess 30000 email alerts for CoinHive JavaScript Detection. We don't want to block the user and also the external IP is not single one. Firewa

Resolved! Filtering Azure IP ranges based on a subset of regions?

I'm attempting to filter the azure.cloudIPs miner based on a subset of specific regions. I've customized IPv4 aggregators to specify individual regions (as shown below), and this works correctly. However what would the syntax be to filter on multiple